Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

GNU Bash 4.3 - CVE-2014-6271 vulnerability issue - How does Altassian tools impacted?

Jijo John2
Jijo John
Contributor
September 26, 2014

Bash  - CVE-2014-6271 vulnerability issue - How does Altassian tools impacted? especially JIRA and Bamboo (Running on Centos 5.4 OS).

 

how that differ Cloud hosting and standalone installation?

 

Regards,

Jijo | TechNPoints

Answer
Watch
Like Be the first to like this
804 views

4 answers

1 accepted

0 votes
Answer accepted
craig_davies
craig_davies
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 26, 2014

Hi all

There is no vulnerability in Atlassian server products, see my blog post.

http://blogs.atlassian.com/2014/09/bash-vulnerability-atlassian/

View More Comments
Jijo John2
Jijo John
Contributor
September 27, 2014

Thanks Craig for confirmation! Good to hear from Atlassin people directly :)

Like
Reply
1 vote
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 26, 2014

Atlassian systems, both OnDemand and Server versions, are not affected by this bug generally, barring two cases:

  1.  Bitbucket was vulnerable, but has been patched
  2. Where you have installed server versions on systems that are affected.  Atlassian stuff itself is not affected directly, but if they're running on an OS that is affected, then yes, they're vulnerable.  So you need to fix it at an OS level if you're using a vulnerable version of bash.

 

View More Comments
Jijo John2
Jijo John
Contributor
September 27, 2014

Thanks Nic, That make sense since Bash is part of OS component.

Like
Reply
1 vote
Chag
Chag
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 26, 2014

I think you just need to patch up your linux to fix the vulnerability. Any software can be exposed with this bash issue. They put out a temporary patch you should update to that and when a complete fix has been done update to that.

Reply
0 votes
Chag
Chag
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 26, 2014

for the cloud issue I have not heard atlassian mention anything yet.  nothing listed in their https://confluence.atlassian.com/display/JIRA/Security+Advisories

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.